Privacy and Security Manager

We are seeking a highly skilled and experienced Privacy and Security Manager to join our team. In this role you will be responsible for developing implementing and maintaining our organization's privacy and security. You will play a crucial role in safeguarding our company's sensitive information and ensuring compliance with relevant laws and regulations. The ideal candidate will possess a deep understanding of privacy and security best practices strong analytical skills and the ability to communicate effectively with stakeholders at all levels of the organization.

What You’ll Do

• Develop and Implement Privacy and Security Policies: Design implement and enforce policies and procedures to protect the confidentiality integrity and availability of sensitive information ensuring alignment with compliance requirements.

• Risk Assessment and Management: Conduct regular risk assessments to identify potential vulnerabilities and threats to the organization's privacy and security. Develop strategies to mitigate risks and respond to security incidents in compliance with regulatory requirements.

• Compliance Management: Stay up-to-date with relevant privacy and security laws regulations and industry standards. Ensure compliance with requirements such as PCI GDPR CCPA/CPRA HIPAA and others applicable to our organization. Develop and maintain a compliance roadmap and ensure adherence to it.

• Security Awareness Training: Develop and deliver privacy and security awareness training programs for employees to promote a culture of security consciousness throughout the organization.

• Vendor Management: Evaluate and manage third-party vendors and service providers to ensure they meet our privacy and security standards. Conduct due diligence assessments and monitor vendor compliance.

• Incident Response: Partner with the VP and manager of Information Security on the response to privacy and security incidents including investigating breaches coordinating with relevant stakeholders and implementing corrective actions to prevent future incidents ensuring compliance with regulatory reporting requirements.

• Privacy Impact Assessments (PIAs): Conduct PIAs for new projects systems or processes to assess and mitigate privacy risks. Work closely with cross-functional teams to integrate privacy considerations into project planning and development.

• Data Governance: Develop and maintain data governance frameworks including data classification retention policies and data access controls to ensure the appropriate handling of sensitive information in compliance with applicable regulations.

• Security Audits and Assessments: Coordinate and participate in internal and external security audits and assessments. Collaborate with auditors and assessors to address findings and implement remediation measures to maintain compliance.

Qualifications:

• Bachelor's degree in Information Security Computer Science or related field. Advanced degree or relevant certifications (e.g. CISSP CIPP) preferred.

• Minimum of 3 years of experience in privacy and security adjacent roles preferably in the financial industry with SaaS exposure.

• Understanding of privacy and security principles standards and best practices.

• Proficiency in conducting risk assessments developing policies and procedures and managing compliance efforts.

• Excellent communication and interpersonal skills with the ability to effectively engage with stakeholders at all levels of the organization.

• Strong analytical and problem-solving abilities with a keen attention to detail.

• Experience with security technologies and tools such as SIEM DLP encryption and access controls.

• Ability to work independently and collaboratively in a fast-paced environment with a commitment to continuous learning and improvement.

Additional Information:

The base pay range for this position is between $$115000-$135000 USD annually. The salary range for performing this role outside of the US / Austin / California may differ.  AffiniPay is committed to offering competitive fair and commensurate compensation and has provided an estimated pay range for this role. Actual compensation may vary based on job-related knowledge skills experience and education.